Page 76 - From GMS to LTE
P. 76

62  From GSM to LTE-Advanced Pro and 5G

            1.10   The SIM Card

            Despite its small size, the SIM card, officially referred to as the Universal Integrated
            Circuit Card (UICC), is one of the most important parts of a GSM network because it
            contains all the subscription information of a subscriber. Since it is standardized, a sub-
            scriber can use any GSM or UMTS phone by simply inserting the SIM card. Exceptions
            are phones that contain a ‘SIM lock’ and thus only work with a single SIM card or only
            with the SIM card of a certain operator. However, this is not a GSM restriction. It was
            introduced by mobile network operators to ensure that a subsidized phone is used only
            with SIM cards of their network.
             The most important parameters on the SIM card are the IMSI and the secret key (Ki),
            the latter of which is used for authentication and the generation of ciphering keys (Kc).
            With a number of tools, which are generally available on the Internet free of charge, it is
            possible to read out most parameters from the SIM card, except for sensitive parameters
            that are read protected. Figure 1.49 shows such a tool. Protected parameters can only be
            accessed with a special unlock code that is not available to the end user.
             Astonishingly, a SIM card is much more than just a simple memory card as it contains
            a complete microcontroller system that can be used for a number of additional  purposes.
            The typical properties of a SIM card are shown in Table 1.7.
             As shown in Figure 1.50, the mobile device cannot access the information on the
            Electrically Erasable Programmable Read‐Only Memory (EEPROM) directly, but has to
            request the information from the SIM’s CPU. Therefore, direct access to sensitive infor-
            mation is prohibited. The CPU is also used to generate the SRES during the network
            authentication procedure, based on the RAND which is supplied by the AuC (see
            Section 1.6.4). It is imperative that the calculation of the SRES is done on the SIM card































            Figure 1.49  Example of a tool to visualize the data contained on a SIM card.
   71   72   73   74   75   76   77   78   79   80   81